Really great automation, and also great support for #open-source community
You're exceptional....You finally listened
Thank you very much. I really hope there will be a step-by-step guide to build a SIEM stack cluster (index cluster, Graylog cluster, ...)
Way to GO dlo! I've been away for over a year and my wazuh is waay out of date. Looking forward to this quick deployment!
Hope you give more information about the siem solution like how to collect logs and how to write custom rules and all
This is so WOW. Love it. But a question. Should I have been putting my docker stuff in the /opt directory all along!?
At 5:34: this threw me off because the document shows the file as root_ca.pem but the script creates root-ca.pem. May want to correct that. Otherwise very helpful, thank you!
How can I connect a Docker Graylog with a non-Docker Wazuh indexer? Anyone help please...
What is the final and real video for installing SOCFortress? You have some videos..
You beat me to it! Can't wait to make it even more idiot proof in JAMBOREE :P THANK YOU SO MUCH!
Really easy to install and get running but now I have to get data into the system...? Where would we point to push logs to the system?
Why Graylog and Wazuh together?
same question. :?
They use graylog to make log normalization of wazuh fields, to interact with other threat intel sources and some other things.
Graylog supports an agentless log ingestion input such as SYSLOG and manages the OpenSearch indexes as part of a fully open source ELK stack, whereas Wazuh depends on the agent to be installed.
I'm trying to deploy, but after running docker compose all the containers start aside from Graylog, which reports it is unable to find MongoDB. Can anyone who has been able to deploy the stack point me in the right direction? Many thanks.
Same issue. If you found anything to fix it, please update me on it.
So, I encountered the same problem. In my case the issue was mongo complaining about a CPU that does not support AVX. To verify, do a docker ps, copy-paste the mongo ID and run "docker logs mongo_ID --follow". If it says the same message, then you have to verify that your CPU supports AVX. In my case it did, so I went to Proxmox, used the correct CPU (host), and after restarting the whole process from scratch got rid of the MongoDB problem.
all containers are not starting
like graylog
Hey connector not working